CVE-2024-35195 |
Description: Requests is an HTTP library. Prior to 2.32.0, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycle of the connection in the connection pool. This vulnerability is fixed in 2.32.0.
CVSS: MEDIUM (5.6)
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
CVE-2024-3516 |
Description: Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.06%
February 14th, 2025 (5 months ago)
|
CVE-2024-3515 |
Description: Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.06%
February 14th, 2025 (5 months ago)
|
CVE-2024-35110 |
Description: A reflected XSS vulnerability has been found in YzmCMS 7.1. The vulnerability exists in yzmphp/core/class/application.class.php: when logged-in users access a malicious link, their cookies can be captured by an attacker.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-35109 |
Description: idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /homePro_deal.php?mudi=add&nohrefStr=close.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-35108 |
Description: idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/homePro_deal.php?mudi=del&dataType=&dataTypeCN.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-35102 |
Description: Insecure Permissions vulnerability in VITEC AvediaServer (Model avsrv-m8105) 8.6.2-1 allows a remote attacker to escalate privileges via a crafted script.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-35099 |
Description: TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stack overflow via the password parameter in the function loginAuth.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-35091 |
Description: J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysTenantMapper.xml.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-35090 |
Description: J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysUreportFileMapper.xml.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|